From 9f7b56e1fb2d09dc7d14f78d117617fccb9ce5ec Mon Sep 17 00:00:00 2001
From: Nikita Sobolev <mail@sobolevn.me>
Date: Mon, 15 Apr 2024 01:38:28 +0300
Subject: [PATCH] Ignore `bandit`'s CVE reported by `safety`

It is a dev-dependency and there's no real vulnerability.
This is why a job in my CI fails: https://github.com/PyCQA/isort/pull/2241

Link to CVE: https://data.safetycli.com/v/64484/f17

Or you can bump `bandit` to 1.7.8: https://pypi.org/project/bandit/1.7.8/
---
 scripts/lint.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/lint.sh b/scripts/lint.sh
index c85e7a63..0d27986f 100755
--- a/scripts/lint.sh
+++ b/scripts/lint.sh
@@ -7,5 +7,5 @@ poetry run black --target-version py38 --check .
 poetry run isort --profile hug --check --diff isort/ tests/
 poetry run isort --profile hug --check --diff example_*/
 poetry run flake8 isort/ tests/
-poetry run safety check -i 51457 -i 59587 # https://github.com/tiangolo/typer/discussions/674
+poetry run safety check -i 51457 -i 59587 -i 64484 # https://github.com/tiangolo/typer/discussions/674
 poetry run bandit -r isort/ -x isort/_vendored